Change RDS User Logon Modes using RES Automation Manager

Share on facebook
Share on google
Share on twitter
Share on linkedin
A VPN is an essential component of IT security, whether you’re just starting a business or are already up and running. Most business interactions and transactions happen online and VPN

If you are using Windows 2008 R2 Remote Desktop Services you might have noticed that there are various user logon modes available on the Remote Desktop Session Host; which you can see from the screen shot below:

These are all well and good should you wish to manually change the user logon modes i.e. Allow reconnections but prevent new logins until the server is restarted for say maintenance purposes. But if you are already using RES Automation Manager why not complete this task in a more automated fashion? Well this can be easily achieved by adding the following tasks and module parameter.

Module Tasks:

image

Module Parameters.

RDSConnModParam

Module Task 1 (Enable Logons):
  1. Add Task > Remote Terminal Server Logons.
  2. Settings > Enable Logons.
  3. Condition Expression > User Logon Mode = 1.
  4. Condition Expression > Computer Function = Terminal Server.
  5. If condition is TRUE then > Execute this task, but skip all remaining tasks in this module.
  6. If condition is FALSE then > Skip this task.
Module Task 2 (Disable Logons) :
  1. Add Task > Remote Terminal Server Logons.
  2. Settings > Disable Logons.
  3. Condition Expression > User Logon Mode = 2.
  4. Condition Expression > Computer Function = Terminal Server.
  5. If condition is TRUE then > Execute this task, but skip all remaining tasks in this module.
  6. If condition is FALSE then > Skip this task.
Module Task 3 (Allow connections) :
  1. Add Task > Registry Settings (Apply).
  2. Settings > Add the following registry value.
  3. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
    “TSServerDrainMode”=dword:00000000.
  4. Condition Expression > User Logon Mode = 3.
  5. Condition Expression > Computer Function = Terminal Server.
  6. If condition is TRUE then > Execute this task, but skip all remaining tasks in this module.
  7. If condition is FALSE then > Skip this task.
Module Task 4 (Allow reconnections, but prevent new logons) :
  1. Add Task > Registry Settings (Apply).
  2. Settings > Add the following registry value.
  3. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
    “TSServerDrainMode”=dword:00000002.
  4. Condition Expression > User Logon Mode = 4.
  5. Condition Expression > Computer Function = Terminal Server.
  6. If condition is TRUE then > Execute this task, but skip all remaining tasks in this module.
  7. If condition is FALSE then > Skip this task.
Module Task 5 (Allow reconnections, but prevent new logons until server is restarted) :
  1. Add Task > Registry Settings (Apply).
  2. Settings > Add the following registry value.
  3. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
    “TSServerDrainMode”=dword:00000003.
  4. Condition Expression > User Logon Mode = 5.
  5. Condition Expression > Computer Function = Terminal Server.
  6. If condition is TRUE then > Execute this task, but skip all remaining tasks in this module.
  7. If condition is FALSE then > Skip this task.

Once you have created the module, when you come to schedule the job its then a simple matter of selecting which logon mode you would like to apply from the job parameters. Of course you can schedule the job on individual, multiple or teams of agents.

image

To make life even easier I’ve created a handy building block that you can import into your environment.

Any questions just ask.

Enjoy

Nathan

siteadmin

siteadmin

Leave a Replay

Recent Posts

Sign up for our Newsletter

Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit